<?php
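session_start();
/*
 * Admin-only form handler: looks up the parent named in the POSTed form and
 * either creates the student row (parent found) or hands the form values to
 * admin_create_parent.php through the session (parent not found).
 *
 * Session variables:
 * $_SESSION['type'] [string] = user type of the logged in user
 * $_SESSION['authorised'] [boolean] = whether or not the current user is logged in
 * $_SESSION['account_name'] [string] = the username of the student
 * $_SESSION['parent_lastname'] [string] = student's parent's lastname;
 * $_SESSION['parent_firstname'] [string] = student's parent's firstname;
 * $_SESSION['parent_middlename'] [string] = student's parent's middlename;
 * $_SESSION['level'] [string] = student's level;
 * $_SESSION['school'] [string] = student's school;
 * $_SESSION['month'] [string] = student's enrolled month;
 * $_SESSION['day'] [string] = student's enrolled day;
 * $_SESSION['year'] [string] = student's enrolled year;
 *
 * NOTE(review): this script changes state on behalf of an administrator but
 * checks neither the request method nor an anti-CSRF token. Nothing visible
 * here shows whether another layer does; confirm, and add a per-session token
 * check if not.
 */

// Anyone without an authenticated session goes back to the login page.
// exit() matters: header() alone does not stop the script.
if (!(isset($_SESSION['authorised']) && $_SESSION['authorised'] == true))
{
    header('Location: index.php');
    exit();
}

// Non-administrators are bounced to their own landing page. An authenticated
// session with a missing or unknown type gets an empty response, as before.
$type = isset($_SESSION['type']) ? $_SESSION['type'] : null;
if ($type !== 'administrator')
{
    $landing = array(
        'student' => 'student_index.php',
        'tutor'   => 'tutor_index.php',
        'parent'  => 'parent_index.php',
    );
    if (is_string($type) && isset($landing[$type]))
    {
        header('Location: ' . $landing[$type]);
    }
    exit();
}

$username = isset($_SESSION['account_name']) ? (string) $_SESSION['account_name'] : '';

// Read every form field as a plain string. A missing key or an array-valued
// parameter (field[]=...) becomes '' instead of raising a notice/TypeError.
$input = array();
foreach (array('parent_lastname', 'parent_firstname', 'parent_middlename', 'level', 'school', 'month', 'day', 'year') as $field)
{
    $value = isset($_POST[$field]) ? $_POST[$field] : '';
    $input[$field] = is_string($value) ? $value : '';
}

// $bound:  raw upper-cased text, only ever sent to PostgreSQL as bound parameters.
// $legacy: the escaped form this script has always written to the session.
// NOTE(review): stacking addslashes() on pg_escape_string() is not a sound
// escape (it breaks the doubled quotes on servers with
// standard_conforming_strings = on). It is kept ONLY for the session hand-off
// because admin_create_parent.php is not visible here and may depend on it;
// move that page to bound parameters, then store the raw values instead.
$bound = array();
$legacy = array();
foreach (array('parent_lastname', 'parent_firstname', 'parent_middlename', 'level', 'school') as $field)
{
    $bound[$field] = strtoupper($input[$field]);
    $legacy[$field] = strtoupper(addslashes(pg_escape_string($input[$field])));
}
$month = $input['month'];
$day = $input['day'];
$year = $input['year'];

include('connection.inc');

// Bound parameters ($1..$n) keep request data out of the SQL text entirely.
// Like the original pg_query() calls, this relies on the default connection
// that connection.inc is presumed to open.
$lookup_sql = 'select parents.parent_id, users.lastname, users.firstname, users.middlename '
    . 'from parents inner join users on parents.username = users.username '
    . 'where users.lastname = $1 AND users.firstname = $2 AND users.middlename = $3';
$lookup = pg_query_params($lookup_sql, array(
    $bound['parent_lastname'],
    $bound['parent_firstname'],
    $bound['parent_middlename'],
));

if ($lookup === false)
{
    // A failed lookup must not be mistaken for "parent does not exist".
    error_log('student creation: parent lookup failed: ' . pg_last_error());
    http_response_code(500);
    exit();
}

if (pg_num_rows($lookup) < 1)
{
    // No such parent yet: stash the form so the parent-creation page can continue.
    $_SESSION['parent_lastname'] = $legacy['parent_lastname'];
    $_SESSION['parent_firstname'] = $legacy['parent_firstname'];
    $_SESSION['parent_middlename'] = $legacy['parent_middlename'];
    $_SESSION['level'] = $legacy['level'];
    $_SESSION['school'] = $legacy['school'];
    $_SESSION['month'] = $month;
    $_SESSION['day'] = $day;
    $_SESSION['year'] = $year;

    header('Location: admin_create_parent.php');
    exit();
}

// If several parents share the name, the first returned row is used (unchanged).
$rows = pg_fetch_array($lookup);
$parent_id = $rows['parent_id'];

// month/day/year were previously interpolated unescaped; they are now one bound
// text parameter, so a malformed date is rejected by to_date() rather than
// becoming part of the statement.
$insert_sql = 'INSERT INTO students (parent_id, grade_level, school, username, date_enrolled) '
    . "VALUES (\$1, \$2, \$3, \$4, to_date(\$5, 'DD MON YYYY'))";
$inserted = pg_query_params($insert_sql, array(
    $parent_id,
    $bound['level'],
    $bound['school'],
    $username,
    "$day $month $year",
));

if ($inserted === false)
{
    // Do not continue to the "account created" e-mail step when nothing was stored.
    error_log('student creation: insert failed: ' . pg_last_error());
    http_response_code(500);
    exit();
}

header('Location: admin_emailcreateaccount.php');
exit();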
?>

